search

zaproxy / zaproxy

The ZAP core project
https://www.zaproxy.org
Apache License 2.0
12.51k stars 2.24k forks source link

Review and customize plugin checks directly from the options menu [feature request] #170

Closed zapbot closed 9 years ago

zapbot commented 9 years ago 
One of the main advantages of using open source webapp penetration testing tools is
that by tweaking the available code, the pentester is able to customize the checks
that are running against his target. In the case of ZAP, non-java developpers / pentesters
that don't actually have the time to edit and rebuild the tool from source will not
be able to benefit from this.

So what about taking that open source advantage into a new level by allowing the user
to see and [if possible] edit the checks plugins are making directly from the UI? That
way the user will have full (and quick) control over his Active Scanner without actually
having to delve into the code. Besides, as of this writing, this feature is _rarely_
implemented in tools so it would be a strong motive to use ZAP.

Original issue reported on code.google.com by houcem.hachicha on 2011-09-17 11:42:23

zapbot commented 9 years ago 
I really like this idea, and its not too far away from things we've already talked about
in the ZAP team.
Cant promise it soon, but I think it could be really powerful.
We also might be able to do these sort of things via the beanshell, essentially allowing
you to reprogram ZAP on the fly.

Thanks for all of your suggestions!

We now have to somehow find enough time to implement them ;)

Psiinon

Original issue reported on code.google.com by psiinon on 2011-09-17 11:47:33

zapbot commented 9 years ago 
Beanshell seems to have been implemented. Plus users can now write or customize their
own checks via the scripts extension.

If no further updates are received from the requester or owner by 2014-June-18 this
issue will be closed.

Original issue reported on code.google.com by kingthorin on 2014-06-05 00:41:53

zapbot commented 9 years ago 
(No text was entered with this change)

Original issue reported on code.google.com by kingthorin on 2014-06-24 20:04:35

lock[bot] commented 4 years ago

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.